Lesson 5: Secure Enterprise Network Architecture Flashcards
What does a secure network architecture support?
Confidentiality, integrity, and availability for workflows.
What are the key components of enterprise network architecture?
Network Infrastructure: Media, appliances, and protocols for connectivity.
Network Applications: Services supporting business tasks (e.g., email).
Data Assets: Information created and transferred by workflows.
What are the seven layers of the OSI model?
Layer 1 - Physical
Layer 2 - Data Link
Layer 3 - Network
Layer 4 - Transport
Layer 5 - Session
Layer 6 - Presentation
Layer 7 - Application
What is OSI Layer 1 (Physical)? Provide examples.
Transmits raw bit stream data over the physical medium
Examples:
- Twisted-pair cables
- Fiber Optic
- Wireless
What is OSI Layer 2 (Data Link)? Provide examples.
Defines the format of data on the network
Examples:
- Switches
- MAC Addresses
- VLANs
What is OSI Layer 3 (Network)? Provide examples.
Determines the path data will take, selecting the best route for delivery
Examples:
- Routers
- IP Addresses
- Subnetting
What is OSI Layer 4 (Transport)? Provide examples.
Transmits data using transmission protocols including TCP and UDP
What is OSI Layer 5 (Session)? Provide examples.
Maintains connections and is responsible for controlling ports and sessions between applications.
Uses mechanisms like SYN/ACK (used in TCP)
What is OSI Layer 6 (Presentation)? Provide examples.
Handles data formatting, encryption, and compression, ensuring data is presented in a readable format.
Examples:
- Encryption protocols (SSL/TLS)
- Data Compression
- Character Encoding (ASCII, UTF-8)
What is OSI Layer 7 (Application)? Provide examples.
Provides network services to applications, allowing users to interact with the network
Examples:
- Hypertext Transfer Protocol (HTTP) for web browsing
- File Transfer Protocol (FTP) for file transfer
- Simple Mail Transfer Protocol (SMTP) for email
- Simple Network Management Protocol (SNMP) for network management
What is the function of VLANs?
VLANs segment networks into distinct broadcast domains. This improves security and performance.
Each VLAN maps to a unique subnet, so inter-VLAN communication requires routing.
How are security zones used in a network?
They segregate workflows (e.g., public-facing servers vs. internal clients).
They use firewalls to enforce least privilege and control traffic between zones.
What does “defense in depth” mean in network security?
Implementing multiple layers of security to protect against intrusions by analyzing vulnerabilities at Layers 1-7.
What is the purpose of port security?
MAC Filtering/Limiting: Limits the number of MAC addresses per switch port.
802.1X Authentication: Ensures secure authentication at switch ports using EAP and RADIUS.
What is physical isolation in a network?
Using air-gapped hosts/networks that are physically disconnected from other networks to secure critical systems.
Name three types of firewalls and their features.
Packet Filtering: Inspects IP, protocol, and port headers.
Stateful Inspection: Tracks session information to identify anomalies.
Layer 7 Firewalls: Application-aware filtering to inspect traffic content.
What is the difference between IDS and IPS?
IDS (Passive): Captures traffic and raises alerts for suspicious patterns.
IPS (Active): Blocks or redirects malicious traffic.
What is the role of load balancers?
They distribute traffic across server pools to enhance availability and prevent overload.
What do Next-Generation Firewalls (NGFW) entail?
They integrate Intrusion Prevention Services (IPS), deep packet inspection, role-based policies, and cloud connectivity.
What does “Unified Threat Management (UTM)” include?
A single appliance combining firewall, antimalware, spam filtering, VPN, and more.
What distinguishes Layer 4 and Layer 7 load balancers?
Layer 4 load balancers work on IP/TCP header values, routing traffic based on IP addresses and ports.
Layer 7 load balancers, like Application Load Balancers (ALB), can inspect application-layer data for more complex routing. They are content-aware and support session persistence.
What does a Web Application Firewall (WAF) protect against?
It protects web applications against attacks like code injection and denial-of-service (DoS).
What are the two main types of VPN architectures?
Client-to-Site VPN: Remote workers connect securely to corporate networks.
Site-to-Site VPN: Connects two networks, such as branch offices.
What are the components of IPsec for VPNs and what do they do?
Authentication Header (AH): Verifies integrity.
Encapsulating Security Payload (ESP): Encrypts data for confidentiality.
What does Transport Layer Security (TLS) do?
It provides application-level encryption.
It is used for securing communications over a network, including VPNs, by encrypting data and verifying the identities of communicating parties.
What does the Internet Key Exchange (IKE) protocol handle in IPsec?
IKE handles mutual authentication, cipher selection, and key exchange for IPsec.
What does Remote Desktop Access provide?
Remote Desktop Access (RDP) provides encrypted connections to physical/virtual desktops or apps.
An alternative to RDP is HTML5-based clientless remote desktop tools.
What is SSH used for?
Encrypts terminal access for administration and file transfers.
Key features for SSH:
- Host keys for server identification.
- Authentication via username/password, public keys, or Kerberos tickets.
What are out-of-band (OOB) management channels used for?
Providing isolated management access for network appliances.
What is a Jump Server?
A dedicated admin server controlling access to secure zones, by acting as a central point of access, preventing direct access to sensitive systems from untrusted networks.